The researchers scanned almost 11,000 Android apps that have more than a million downloads each and found that over 1000 of them were still vulnerable because they use an Open SSL library to connect to HTTPS servers. They wrote:

These 1228 apps have been downloaded over 6.3 billion times. Of these 1228 Android apps, 664 use Android’s bundled OpenSSL library and 564 have their own compiled OpenSSL library. All these OpenSSL versions are vulnerable to FREAK.

And when it comes to Apple’s iOS, things certainly don’t look much better. Out of over 14,000 popular iOS apps tested, 5.5 percent of them were connecting to the vulnerable HTTPS servers as well. However, this only applies to older version of the OS. Just seven of the vulnerable apps remain unfixed on iOS 8.2.

Amanda Connolly is a reporter for The Next Web, currently based in London. Originally from Ireland, Amanda previously worked in press and editorial at the Web Summit. She’s interested in all things tech, with a particular fondness for lifestyle and creative tech and the spaces where these intersect. Twitter